If you are anything like me and don’t want to disable SELinux upon installation of Fedora Linux, then I have a hint for you.
List all files from selinux-policy-targeted and look at the output. You will the list of all files in the RPM package. Few of those files are SELinux manuals for better tweaking.
/usr/share/man/man8/ftpd_selinux.8.gz /usr/share/man/man8/httpd_selinux.8.gz /usr/share/man/man8/kerberos_selinux.8.gz /usr/share/man/man8/named_selinux.8.gz /usr/share/man/man8/nfs_selinux.8.gz /usr/share/man/man8/nis_selinux.8.gz /usr/share/man/man8/rsync_selinux.8.gz /usr/share/man/man8/samba_selinux.8.gz /usr/share/man/man8/ypbind_selinux.8.gz
I just fixed two problems easily after looking into the documentation.
One was with bind, which was complaining with “Permission denied” on any incoming zone transfer (slave zone). named had all the access there is to all folders, but still couldn’t write. This command (mentioned in man 8 named_selinuhelped immediately:
setsebool -P named_write_master_zones 1
Anoner problem was with Apache, which wasn’t showing anything in user’s public_html directory. man 8 httpd_linux suggested the solution that worked:
setsebool -P httpd_enable_homedirs 1 chcon -R -t httpd_sys_content_t ~user/public_html
0 responses so far ↓
There are no comments yet...Kick things off by filling out the form below.
Leave a Comment